Question 1.
You are the network consultant from Your company. Please point out two requirements call for the deployment of 802.1X.

A. Authenticate users on switch or wireless ports
B. Grant or Deny network access at the port level, based on configured authorization policies
C. Allow network access during the queit period
D. Verify security posture using TACAS+

Answer: A, B

Question 2.
Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet Protocol (IP) networks. An OSPF router on the network is running at an abnormally high CPU rate. By use of different OSPF debug commands on Router, the network administrator determines that router is receiving many OSPF link state packets from an unknown OSPF neighbor, thus forcing many OSPF path recalculations and affecting router's CPU usage. 

Which OSPF configuration should the administrator enable to preent this kind of attack on the Router?

A. Multi-Area OSPF
B. OSPF stub Area
C. OSPF MD5 Authentication
D. OSPF not-so-stubby Area

Answer: C

Question 3.
Which one of the following Cisco Security Management products is able to perform (syslog) events normalization?

A. Cisco IME
B. Cisco Security Manager
C. Cisco ASDM
D. Cisco Security MARS

Answer: D

Question 4.
Can you tell me which one of the following platforms has the highest IPSec throughput and can support the highest number of tunnels?

A. Cisco 6500/7600 + VPN SPA
B. Cisco ASR 1000-5G
C. Cisco 7200 NPE-GE+VSA
D. Cisco 7200 NPE-GE+VAM2+

Answer: A

Question 5.
Which two methods can be used to perform IPSec peer authentication? (Choose two.)

A. One-time Password
B. AAA
C. Pre-shared key
D. Digital Certificate

Answer: C, D

Question 6.
Cisco Security Agent is the first endpoint security solution that combines zero-update attack protection, data loss prevention and signature-based antivirus in a single agent. This unique blend of capabilities defends servers and desktops against sophisticated day-zero attacks and enforces acceptable-use and compliance policies within a simple management infrastructure. 

What are three functions of CSA in helping to secure customer environments?

A. Control of executable content
B. Identification of vulnerabilities
C. Application Control
D. System hardening

Answer: A, C, D

Question 7.
Cisco Secure Access Control Server (ACS) is an access policy control platform that helps you comply with growing regulatory and corporate requirements. 

Which three of these items are features of the Cisco Secure Access Control Server?

A. NDS
B. RSA Certificates
C. LDAP
D. Kerberos

Answer: A, B, C

Question 8.
Observe the following protocols carefully, which one is used to allow the utilization of Cisco Wide Area Application Engines or Cisco IronPort S-Series web security appliances to localize web traffic patterns I the network and to enable the local fulfillment of content requests?

A. TLS
B. DTLS
C. WCCP
D. HTTPS

Answer: C

Question 9.
Which one is not the factor can affect the risk rating of an IPS alert?

A. Relevance
B. Attacker location
C. Event severity
D. Signature fidelity

Answer: B

Question 10.
For the following items, which two are differences between symmetric and asymmetric encryption algorithms? (Choose two.)

A. Asymmetric encryption is slower than symmetric encryption
B. Asymmetric encryption is more suitable than symmetric encryption for real-time bulk encryption
C. Symmetric encryption is used in digital signatures and asymmetric encryption is used in 
    HMACs
D. Asymmetric encryption requires a much larger key size to achieve the same level of protection 
    as asymmetric encryption

Answer: A, D

	Web www.certsbraindumps.com